Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/B6zv0uhUmh9tJpr3NlMBCwypu-w.roa
File: B6zv0uhUmh9tJpr3NlMBCwypu-w.roa (raw, json)
Hash identifier: HZ8r3zpJgSlSFtPhgEXjjm+n6/a0/TpU5u3eVvYFC/Y=
Subject key identifier: 07:AC:EF:D2:E8:54:9A:1F:6D:26:9A:F7:36:53:01:0B:0C:A9:BB:EC
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 01930741F0DACAAE2DD0647AC9EA1983F885
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/B6zv0uhUmh9tJpr3NlMBCwypu-w.roa
Signing time: Thu 07 Nov 2024 15:33:02 +0000
ROA not before: Thu 07 Nov 2024 15:33:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208771
IP address blocks: 2a12:7a40:9909::/48 maxlen: 48
2a12:7a40:9919::/48 maxlen: 48
2a12:7a40:9929::/48 maxlen: 48
2a12:7a40:9939::/48 maxlen: 48
2a12:7a40:9949::/48 maxlen: 48
2a12:7a40:9959::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:07:41:f0:da:ca:ae:2d:d0:64:7a:c9:ea:19:83:f8:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Nov 7 15:33:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07acefd2e8549a1f6d269af73653010b0ca9bbec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:af:67:d3:00:81:01:10:aa:7d:b8:75:b8:63:
62:98:96:f6:0a:72:62:9c:86:e2:28:69:c3:71:f0:
46:cf:93:b5:42:6e:67:20:8f:35:12:85:1f:f8:52:
8f:6d:c6:f9:02:75:ee:5b:66:41:32:e5:c1:ff:e1:
81:cf:cf:65:1a:8e:71:20:6b:42:c0:83:d8:c2:5a:
be:b4:8c:4f:c3:69:a4:70:16:c2:95:0e:aa:5c:fb:
62:c1:f5:69:51:f4:0b:85:29:05:f7:c7:18:1c:2c:
9c:2f:c2:48:13:cb:46:9f:f7:3a:e8:e1:78:32:07:
c1:cb:02:b3:1e:12:bb:62:42:f5:8d:6e:0d:5d:20:
50:a8:b8:94:7c:3b:39:4f:6c:1d:84:89:28:f7:4d:
62:ee:ba:f4:e7:a2:4f:2a:c4:4c:c7:fd:0e:b4:08:
c9:cb:21:1c:e9:40:ab:50:a3:d8:d5:ba:6f:34:c7:
86:e3:f3:26:da:c7:fe:40:27:6a:b5:1d:36:be:6c:
96:6b:70:7f:13:6e:f0:5e:89:b5:e2:f4:2e:25:bf:
96:f6:1b:91:02:1b:7c:4e:80:70:6c:88:43:b5:e9:
aa:60:5b:2d:d6:b2:0e:7c:f6:fb:f9:92:60:a3:55:
da:af:83:b5:d9:95:34:b4:e9:dc:50:53:21:5c:f9:
a6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:AC:EF:D2:E8:54:9A:1F:6D:26:9A:F7:36:53:01:0B:0C:A9:BB:EC
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/B6zv0uhUmh9tJpr3NlMBCwypu-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:9909::/48
2a12:7a40:9919::/48
2a12:7a40:9929::/48
2a12:7a40:9939::/48
2a12:7a40:9949::/48
2a12:7a40:9959::/48
Signature Algorithm: sha256WithRSAEncryption
3c:4c:a5:6b:83:0c:02:ec:d8:2e:26:19:d1:9f:60:d7:a9:82:
42:c6:b7:a0:8e:f8:59:e1:85:5d:ed:92:27:0e:fc:17:06:b3:
19:a3:c9:39:85:af:e6:4e:e3:fe:7d:4c:18:d5:3e:e8:d8:e1:
9c:87:f8:ad:41:bd:9c:0b:00:63:69:3a:57:bc:02:47:71:bb:
c6:95:cc:bf:b4:c5:7a:b3:4f:7d:65:dc:9a:9c:4e:ef:ab:50:
67:34:09:ea:cd:df:c7:ed:52:1a:1b:d5:82:21:55:69:64:b0:
b2:35:bc:6b:a5:97:2a:5d:02:94:08:57:16:e0:d5:0f:90:b0:
89:9f:ab:6e:39:35:db:8c:94:c1:9d:93:06:c4:a0:b0:b4:78:
73:19:0a:63:e0:82:d4:64:e6:fe:c4:98:13:8b:43:7c:42:ec:
16:8a:bb:80:2c:8c:b2:6b:87:aa:44:cc:61:24:54:94:a6:b3:
3b:29:27:4e:34:0d:52:99:c9:9d:c0:06:ed:fc:d2:4d:97:74:
9e:47:3a:49:be:f4:a3:2f:57:5f:f8:36:f6:b9:98:b5:5f:f0:
6e:0b:e3:70:14:e9:e2:fa:10:4c:b9:e5:1e:53:3d:2c:20:1c:
86:92:6f:3e:dd:6c:3e:85:fa:57:62:aa:6e:03:c2:a0:98:4e:
42:44:27:ff
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZMHQfDayq4t0GR6yeoZg/iFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjQxMTA3MTUzMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2FjZWZkMmU4NTQ5YTFmNmQyNjlhZjczNjUzMDEwYjBjYTliYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi69n0wCBARCqfbh1uGNimJb2CnJi
nIbiKGnDcfBGz5O1Qm5nII81EoUf+FKPbcb5AnXuW2ZBMuXB/+GBz89lGo5xIGtC
wIPYwlq+tIxPw2mkcBbClQ6qXPtiwfVpUfQLhSkF98cYHCycL8JIE8tGn/c66OF4
MgfBywKzHhK7YkL1jW4NXSBQqLiUfDs5T2wdhIko901i7rr056JPKsRMx/0OtAjJ
yyEc6UCrUKPY1bpvNMeG4/Mm2sf+QCdqtR02vmyWa3B/E27wXom14vQuJb+W9huR
Aht8ToBwbIhDtemqYFst1rIOfPb7+ZJgo1Xar4O12ZU0tOncUFMhXPmmUwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAes79LoVJofbSaa9zZTAQsMqbvsMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvQjZ6djB1aFVtaDl0SnByM05sTUJDd3lwdS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkJ
AwcAKhJ6QJkZAwcAKhJ6QJkpAwcAKhJ6QJk5AwcAKhJ6QJlJAwcAKhJ6QJlZMA0G
CSqGSIb3DQEBCwUAA4IBAQA8TKVrgwwC7NguJhnRn2DXqYJCxregjvhZ4YVd7ZIn
DvwXBrMZo8k5ha/mTuP+fUwY1T7o2OGch/itQb2cCwBjaTpXvAJHcbvGlcy/tMV6
s099ZdyanE7vq1BnNAnqzd/H7VIaG9WCIVVpZLCyNbxrpZcqXQKUCFcW4NUPkLCJ
n6tuOTXbjJTBnZMGxKCwtHhzGQpj4ILUZOb+xJgTi0N8QuwWiruALIyya4eqRMxh
JFSUprM7KSdONA1SmcmdwAbt/NJNl3SeRzpJvvSjL1df+Db2uZi1X/BuC+NwFOni
+hBMueUeUz0sIByGkm8+3Ww+hfpXYqpuA8KgmE5CRCf/
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:13:28 2024 by rpki-client on console-fra.rpki-client.org